According to Johan Hermans, CEO, CSI tools, SAP security projects consume enormous budgets without really improving the security. 90% of the security administrators do not know how many transaction codes and authorization objects exist in a SAP system and their purpose, observes Johan. Most people think that they can protect SAP systems by removing and assigning transaction codes to users and that the purpose of authorization objects is to restrict certain organizational levels like company codes, plants, sales organizations etc.
The reality is however completely different: Only the authorization objects assigned to a user gives this user the permission to access the data, regardless if this user can execute the transaction. In a SAP system there can be more than 150.000 transaction codes and there are only 1.200 authorizations objects.
Johan believes that the challenge of SAP security is first to really understand how it works. CSI tools give its customers guidance to simplify the complexity by splitting it into two layers – a governance layer and a technical layer. The main advantage lies in the fact that access governances become transparent. The management can focus on the governance aspects and the technical people can focus on technical layer and get the instructions through the governance layer. CSI tools have a unique approach. They structure the technical security data into 300 data elements that are easy to understand and interpret within all layers of the organization.
The company has rendered its services to several enterprises in multiple domains. In terms of Role Management and Design, CSI tools has advanced functionality that helped organizations design, build (even automatically) and manage roles in the SAP environment and to streamline role redesign based on SoD conflicts and role usage. Another category is the SAP security audits in which CSI tools has helped organizations not only to create correct GRC reports and analyses but also helped mitigating the risks. The organization has also helped businesses with emergency access management and monitoring of emergency access given in those situations that the organization needs to react and do something quickly.
The reason why enterprises decide to choose CSI tools as their solution for SAP access governance is manifold. In terms of efficiency, CSI tools has been characterized with cost savings in employee time designing user roles in context of company changes, less spending not only on external, also internal consultants to do manual control validation and SoD monitoring, and efficiency in assigning and determining appropriate access, amongst others. As for effectiveness, their customers have testified to reduction in auditor findings related to SoD conflicts, reduction in risk exposure as well as business disruption through stronger control enforcement and monitoring, and ability to customize queries to solve specific authorization challenges.
CSI tools helps managing security in a better way by introducing a new innovative and user friendly SAP request procedure. CSI tools’ focus is not only supporting risk reporting, but also on risk mitigation. The company is proud on their unique approach and functionality that is finally being recognized by the market. Thus far, the organization is content that their products have been well received and that they have been rewarded for their innovation. This is evident of the fact that they have had an excessive growth in customers and products selling.